Getting Comfortable With The Basics

Security

1 2 3 5

– Google Doesn’t Just Let Apps Read Your Email

No, Google Doesn’t Just Let Apps Read Your Email by howtogeek.com

There’s a story spreading in the news today that Google is letting companies scan through your email and sell the data, but this is really misleading. So what’s actually going on?

The way the story is framed makes it sound like something very nefarious is being allowed. Google is letting companies scan my Gmail account?


Opinion: Why does no one get how email apps and Gmail add-ons work? By Corbin Davenport, www.androidpolice.com

There are legitimate security concerns about Google, most recently around its handling of user location data. However, there are a growing number of media outlets and U.S government officials bashing the company for allowing Gmail add-ons and third-party mail clients to read user messages – which is required for them to function.

Are Your Password Security Habits Improving

Are Your Password Security Habits Improving? (Infographic) by entrepreneur.com

From the French presidential election to Gmail, a number of incidents have unfolded this year revealing how vulnerable our online security is. That’s why it’s more important than ever to make sure you go above and beyond to secure your digital privacy. And that can be as simple as changing your password every once in awhile.

– 5 best password managers for Android

The 5 best password managers for Android by androidpolice.com

Our accounts hold invaluable information about us — about our work, our finances, and our social lives. Keeping that information safe from prying eyes is paramount, and to do that, we need solid passwords. Assuming you're a typical person living in the modern age, you probably have accounts and passwords for about a million websites and services, and it can be hard to keep them all straight. Password managers take the onus of remembering dozens and dozens of (hopefully) unique strings of characters off our stupid brains, and once you've used one, it's hard to imagine going without. 

Credit freeze: A freebie that you actually want

Credit freeze: A misunderstood freebie that you actually want by freep.com

On Sept. 21, the three big credit reporting agencies will have to give consumers credit freezes for free.

Just one year ago, consumers woke up and discovered that hackers had one heck of a field day with their Social Security numbers and other information in a massive data breach at Equifax. 


Credit Freezes Will Soon Be Free by lifehacker.com

With the one-year anniversary of the Equifax breach just behind us, here’s a reminder that you will be able to freeze your credit reports and sign up for year-long fraud alerts for free starting Sept. 21 thanks to a federal law passed earlier this year. 


Know the difference between a fraud alert and a credit freeze by komonews.com

It's been one year since Equifax let us know that hackers stole the personal information of half the adults in the country. But a surveyshows most of us have not taken steps to freeze our credit reports.

Google Titan Security Key review

Google Titan Security Key review: A $50 hardware 2FA bundle with outdated connectors by androidpolice.com

Those of us that care about our online security probably use some form of two-factor authentication to secure our most important accounts, but even the strongest password and the longest authentication code are still subject to something as simple as a phishing attack, which is why so many have switched to hardware security keys. Google helped to create the Universal 2nd Factor (U2F) hardware authentication standard, and now it's releasing its own product to consumers: the $50 Titan Security Key.


How to Set Up and Use the Google Titan Key Bundle by howtogeek.com

Google recently released a set of two-factor authentication (2FA) security keys called the Titan Security Bundle. This set includes a traditional USB-based Universal Second Factor (U2F) key for use on a computer and a combination Bluetooth/USB key for mobile. Here’s how to get it all set up.

Two-Step Authentication on Your Microsoft Account

How to Set Up Two-Step Authentication on Your Microsoft Account by lifehacker.com

If we’ve said it once, we’ve said it a million times: You should use two-factor authentication everywhere you can. It’s an easily enacted security measure that should give you a lot more peace of mind. 

Technically, Microsoft protects its apps with “two-step verification” rather than two-factor verification. 

Google’s hardware 2FA Titan Security Keys

Google's hardware 2FA Titan Security Keys available starting today for $50 at the Google Store by androidpolice.com

If you're conscious of your own digital security in the modern era, then odds are you use two/multi-factor authentication to secure your more important accounts, but not all methods are equal. If you're especially concerned — or especially "high value" in security terms — hardware-based keys are the better choice, as they offer additional protections against things like phishing attacks. And starting today, those invested heavily into Google's ecosystem can pick up the previously announcedTitan Security Keys over on the Google Store.


What it's like to live under the Google Advanced Protection Program by androidcentral.com

I am not what I'd call a Very Important Person. I still consider myself a journalist of sorts (and it's what's on my college degree), but I wouldn't say I practice it in the way I did back when I made newspapers. I also am neither an activist, business leader, or am on a political campaign team.

Am I really a candidate for Google's Advanced Protection Program? Do I really need the strongest account security Google offers publicly?

Google’s New Gmail Features

Gmail’s biggest redesign is now live by theverge.com

The world’s most popular email service is getting a big overhaul today. Google is making official the changes we saw leaked earlier this month, with email snoozing, nudging, and confidential mode making their debut alongside a substantial visual redesign for Gmail on the web. The new Gmail begins a global phased rollout today, which is to say that it won’t be available to every one of Gmail’s 1.4 billion users right away, and the first to get it will be invited to opt in rather than being able to just turn it on themselves.


Google’s New Gmail Features and How Best to Use Them by tech.co

This year, Gmail’s 1.4 billion users are getting their first major upgrade since 2011. From a game-changing “snooze email” function to the exciting option to make sent messages “self-destruct”, we run through the key features of the new Gmail upgrade.


How to Find Contacts in the New Gmail by howtogeek.com

The new Gmail started rolling out last week, and it’s awesome. But many people are asking the same question: where did Contacts go?

The previous version of Gmail, now called “Classic Gmail,” had a drop-down at the top-left for quick access to Contacts and Tasks.


Google will force you to switch to the new Gmail whether you want it or not — here's when you'll get it by businessinsider.com

Google recently announced a massive update to its popular email platform. So far, it's given personal account holders and company admins (who run company's G Suite accounts) the choice to leave their Gmail inboxes as-is, or to opt into the new Gmail, which comes with a new look and a lot of new features. If they don't enjoy the experience, users and admins are welcome to opt back out.

That's no longer going to be the case in a matter of months, as Google announced


How to undo the Gmail update – and what features you'll miss if you do by independent.co.uk

The new Gmail update features a snooze email function, a fresh design and a 'confidential mode' that protects outgoing emails.

However hundreds of Gmail users took to social media to complain about Google's new design. Fortunately for them, there is a way to switch it back to the old version, but only for a limited time.

 

Create virtual cards that protect your money

Create virtual cards that protect your money. at privacy.com

Privacy is the safest and easiest way to shop online.

Freeze, unfreeze, and set spending limits. Get real cashback rewards. Take control of your money.

Privacy provides a service that allows you to checkout online without sharing your real credit or debit card information online. We allow you to use any name and billing address with the merchant you would like, so your private information remains secure and private.


Privacy.com Review by echeck.org

When you pay for something online, you are putting your financial and personal details at risk. No matter which form of payment you use, there is always a risk, and there is no way for you (the consumer) to know just how big or small the risk is. The sheer number of massive hacks and leaks over the last ten years is proof enough that we have no idea how safe our payment information really is. Privacy.com adds another layer of privacy.


Privacy.com's virtual Visas are burner debit cards that keep online shoppers safe by pcworld.com

Slinging your credit card information all over the web may be the norm when you’re online shopping, but playing fast and loose with those precious numbers is just begging for identity theft to happen. A new company dubbed Privacy.com thinks it has a solution to the problem. Instead of handing out your actual debit and credit card numbers, Privacy.com lets you create “virtual” debit cards that are locked for use with a single vendor, or “burner” cards that are valid only for one-time use.


One Response to Privacy.com Review: Get Virtual Card Numbers which Allow Using Any Name & Address by doctorofcredit.com

Privacy.com allows consumers to make payments online safely and anonymously. For security or privacy reasons, people don’t always want to use their regular payment methods online and expose their card/bank details, name, and address to random online vendors.


Privacy.com is a VPN for credit cards by theverge.com

In 2016, it’s remarkably hard to buy something anonymously. Bitcoin would be the easiest way, but most places don’t accept it. Even walking into a store and paying cash, there’s a decent chance you’ll be asked for your name and zip code. Paying online is even harder. Use a credit card or a traditional payment service and the odds are your purchase will end up in an anonymized database, used to target you the next time advertisers want to find someone who’s bought a burrito, a pair of jeans, or a lamp in the last month.


 

LastPass Authenticator

LastPass Authenticator by logmeininc.com

LastPass Authenticator is a multifactor app for Android, iOS, and Windows mobile devices. It supports 3 ways to log in:

  • Time based 6-digit codes
  • One-tap push notifications
  • SMS 6-digit codes

LastPass Authenticator is also TOTP compliant, meaning it’s compatible with all apps and websites that support Google Authenticator. That means you can conveniently manage Multifactor Authentication for multiple services, all from LastPass Authenticator.

How to add a USB 2FA key to your Google account without activating Advanced Security

How to add a USB 2FA key to your Google account without activating Advanced Security by androidcentral.com

We've gone over why using two-factor authentication on your online accounts is a good idea, and showed you how to set it up for your Google account as well as how to get started with Authy if you use more than one phone or computer. But we're not done yet!

Your Ultimate Guide to Password Security

'12345' Is Really Bad: Your Ultimate Guide to Password Security by pcmag.com

In a recent PCMag survey on passwords, only 24 percent of respondents reported using a password manager. The rest of you have a serious problem. It's almost certainly true that you are using passwords that are easy to remember, which makes them easy to crack. Furthermore, the plethora of sites you visit that require logins probably means that you recycle the same passwords over and over, too. Maybe you think that securing your online accounts is unimportant, or too much trouble. Trust us, that's not the case. Using bad passwords can have serious consequences.


Google Advanced Protection Program: Everything you need to know by androidcentral.com

Google takes account security very seriously. You may be giving up more of your privacy than you like by using Google services and hardware, but that's not the same thing as account security — and Google takes some pretty big steps to keep unauthorized users out of your account. The company also has some tools and policies designed to keep youfrom letting an unauthorized user in, like Chrome blocking websites that host malicious content. Google depends on you trusting them with your personal data as its business model. Playing fast and loose with security is a great way to lose that trust and Google knows it.

Avoid Getting Locked Out When Using Two-Factor Authentication

How to Avoid Getting Locked Out When Using Two-Factor Authentication by howtogeek.com

Two-factor authentication secures your accounts with code in addition to your password. You can’t get in without the code sent to your phone. But what happens if you lose or reset your phone? If you don’t plan your recovery method ahead of time, you could permanently lose access to your accounts.


The Ugly Side of Two-Factor Authentication by elcomsoft.com

Two-factor authentication is great when it comes to securing access to someone’s account. It’s not so great when it gets in the way of accessing your account. However, in emergency situations things can turn completely ugly. In this article we’ll discuss steps you can do to minimize the negative consequences of using two-factor authentication if you lose access to your trusted device and your trusted phone number. In order to keep the size of this text reasonable we’ll only talk about Apple’s implementation, namely Two-Step Verification and Two-Factor Authentication.

This article will help you with:

  • Two-Factor Authentication in Emergencies
  • Using Find My iPhone if Two-Factor Authentication Is Enabled
  • Setting Up a New iPhone
  • Reinstating Access to Apple ID: Apple Two-Step Verification
  • Reinstating Access to Apple ID: Apple Two-Factor Authentication
  • Preparing for Emergencies

 

Choosing A Master Password

Choosing A Master Password by medium.com

It has become standard advice for online users to have strong, unique passwords for all their online accounts. Not without reason: a data breach at one company with a poorly protected user database leads to attackers having huge lists of email addresses and associated passwords some of which will work on other companies’ websites.

People Think Their Passwords Are Too Awesome For Two Factor Authentication.

People Think Their Passwords Are Too Awesome For Two Factor Authentication. They’re Wrong. by howtogeek.com

Two factor authentication vastly improves your security, but hardly anyone uses it: only 10 percent of Google users enable the feature, for example. Why is that?


Even many tech-savvy people not using two-factor authentication, finds university​ by 9to5mac.com

Even many tech-savvy people are failing to take advantage of the opportunity to use two-factor authentication for websites and apps, found an Indiana University study …


SMS Two-Factor Auth Isn’t Perfect, But You Should Still Use It by howtogeek.com

In a quest for perfect security, the perfect is the enemy of the good. People are criticizing SMS-based two-factor authentication in the wake of the Reddit hack, but using SMS-based two factor is still much better than not using two-factor authentication at all.

Best practices for account security and recoverability

New improvements and best practices for account security and recoverability by github.com

Strong authentication credentials are critical to preventing malicious access to your account. Everyone on GitHub has a password, so a strong password is an excellent starting point. And, for even stronger assurances, we highly encourage users to enable two-factor authentication (2FA). We’re introducing two new features to help you balance the security, usability, and recoverability of your accounts.

Lying Sextortion Scammers Score $250,000 After Sending Victims Their Own Hacked Passwords

Lying Sextortion Scammers Score $250,000 After Sending Victims Their Own Hacked Passwords by forbes.com

Online scammers have been innovating of late. In the last month, one group of ne'er-do-wells has sent out spam emails telling recipients they've been caught watching porn through their webcam and if they don't pay, all their dirty laundry will be aired in public. That's not new. But putting a novel twist on that scam, the crooks are sending through passwords they claim to have stolen as proof they have been spying on the victim. So far, more than 150 people have coughed up $250,000 in Bitcoin for fear of their private web browsing habits being exposed.

If You’re Using a Free VPN, You’re Being Farmed For Data

If You’re Using a Free VPN, You’re Being Farmed For Data by extremetech.com

Back in February, we called out Facebook’s “free” VPN service, Onavo Protect, for literally being the opposite of a VPN. While it claims to cloak your traffic from prying eyes elsewhere, Onavo’s terms of service are straightforward about the fact that the company gathers data on everything you do and hands all of it over to Facebook. This was enough to disqualify the service as any kind of privacy option anyone should use.

 

* Is it Safe to Use a Password Manager?

Is it Safe to Use a Password Manager? by techlicious.com

 

Most of us know the rules for good password hygiene – make them complicated, don’t reuse them and change them every so often. But with nearly every site and app requiring users to sign up for an account, remembering an ever-growing stable of fiendishly complex passwords becomes a herculean task.

Enter password managers, which not only do the remembering but can also generate the random strings of lowercase and uppercase letters, numbers and symbols required to protect your online accounts from hackers and scammers. 

* The Value of Two-Factor Authentication

Save the Embarrassment: The Value of Two-Factor Authentication by tripwire.com

These days, it’s not a matter of if your password will be breached but when.

Major websites experience massive data breaches at an alarming rate. Have I Been Pwned currently has records from 295 sites comprising 5.3 billion accounts. This includes well-known names like LinkedIn, Adobe, and MySpace.

Here’s How You Back Up Your Gmail

Here's How You Back Up Your Gmail by howstuffworks.com

If you use Gmail as your email client, you definitely need to know how to backup all of your data. Chesnot/Getty Images

Countless computer users leverage Gmail as a go-to repository for their digital lives. But if your account is hacked or inaccessible for any reason, there's a chance you could permanently lose all of that data. You can prevent this kind of catastrophe by backing up your Gmail data in various ways.

VirusTotal Review

A Full Review of VirusTotal, the Best Online Virus Scanner by thebalanceeveryday.com

VirusTotal is the best online virus scannerbecause in addition to scanning URLs, IP addresses, and files against several different antivirus engines, it can also be used over email or from a desktop to scan running processes.

Dozens of different antivirus engines are used to scan files sent to VirusTotal, which means several different perspectives are used to determine whether or not a file is…


Click to launch VirusTotal to analyze suspicious files and URLs to detect types of malware, automatically share them with the security community.


How it works by virustotal.com

VirusTotal inspects items with over 60 antivirus scanners and URL/domain blacklisting services, in addition to a myriad of tools to extract signals from the studied content. Any user can select a file from their computer using their browser and send it to VirusTotal. VirusTotal offers a number of file submission methods, including the primary public web interface, desktop uploaders, browser extensions and a programmatic API. The web interface has the highest scanning priority among the publicly available submission methods. Submissions may be scripted in any programming language using the HTTP-based public API.

As with files, URLs can be submitted via several different means including the VirusTotal webpage, browser extensions and the API.

Two-Factor Text Authentication Isn’t Enough to Keep Your Accounts Secure

Two-Factor Text Authentication Isn't Enough to Keep Your Accounts Secure by lifehacker.com

Just last week, Instagram confirmed reports that it’s modifying its two-factor authentication setup to allow users to log in with passcodes from security apps—like Google Authenticator. While this isn’t the sexiest of news, it’s great to see this practice growing in popularity: using a token-based app, rather than a text message, to authenticate into other apps and services. 

End-to-end encryption and how does it work

What is end-to-end encryption and how does it work? by protonmail.com

End-to-end encryption is the most secure way to communicate privately and securely online. By encrypting messages at both ends of a conversation, end-to-end encryption prevents anyone in the middle from reading private communications.

Until recently, end-to-end encryption (E2EE) was the sole domain of the tech savvy because of the complicated operations required to use it. 

75 % off LastPass Premium Humble Bundle

Lock down your logins with 75 percent off a LastPass Premium subscription through Humble Bundle by pcworld.com

We've all heard the age-old advice: change your passwords often, never use the same password twice, create complicated passwords. But how many of us really follow that advice? That's where LastPass comes in, and right now its premium version is $6 for 12 months on Humble Bundle, down 75 percent from its list price of $24Remove non-product link—a deal that works for both new and existing users.

Your password has likely been stolen. Here’s what to do about it

Your password has likely been stolen. Here’s what to do about it. by seattletimes.com

Pardon the interruption, but your passwords are leaking.

You’ve probably become numb to all the headlines about data breaches. But a website called haveibeenpwned.com will expose the horror they’ve wreaked on you.

Type in your email address and haveibeenpwned lists websites and apps where your own passwords have been compromised. (“Pwned,” pronounced like owned, is geek speak for conquered.) Try your family members’ emails and your favorite passwords, too.

New Confidential Mode In Gmail

How the New Confidential Mode Works In Gmail by howtogeek.com

After you send an email, it’s pretty much outside your control. Gmail’s new Confidential Mode tries to give you a bit of control back by offering message expiration dates and making it trickier for email to be forwarded on.


Gmail rolls out DRM for email and office documents, calls it "Confidential Mode" by boingboing.net

Google has rolled out a "Confidential Mode" for Gmail and Google Docs attachments, promising users that they'll be able to send emails to their contacts that can't be shared, printed or copied.

– Secure Your Accounts With Better Two-Factor Authentication

How to Secure Your Accounts With Better Two-Factor Authentication by wired.com

Hopefully by now you’ve heeded the repeated warnings from your friends and loved ones (and friendly, beloved internet writers) to use two-factor authentication to secure your digital accounts. That’s where access to Facebook or Twitter or your online bank—anything that supports it, really—requires not just a password but also a special code. Not all two-factor is created equal, however. For better protection, you’re going to want an authenticator app.

Prevent some spam calls from interrupting you

Google’s Phone app can now prevent some spam calls from interrupting you by theverge.com

Google’s Phone app can now automatically filter out calls that it detects to be spam, sending them directly to voicemail. Your phone won’t ring, and you won’t even get a missed call notification for any calls that Google weeds out.

If the spam callers leave a voicemail — you know, like the usual spiel about charges being filed against you over back-owed taxes — that will still find its way to your voicemail inbox.

Backup: The Often Ignored Prep

Backup: The Often Ignored Prep by beansbulletsbandagesandyou.com

Backup. It’s probably one of the most ignored preps against “everyday” SHTF disaster moments, and frankly there’s no excuse for electronics owners to not back up their equipment. None.

I get it, backup is totally un-fun!

It’s true, setting up a backup plan is not fun. Neither is going to the dentist to get that semi- annual cleaning, getting poofed in the eye during the yearly doctor’s exam or waiting in line at the DMV to get your vehicle plates updated.


PSA: Make Sure You Have a Backup for Two-Factor Authentication by howtogeek.com

Two factor authentication (2FA) is generally a great security tool. But if you have it enabled on your Apple or Google accounts, this could really come back to bite you in the worst way. Here’s what you need to know.


What To Do If You Lose Your Two-Factor Phone by howtogeek.com

Many websites send security codes to your phone number to confirm your identity when signing in. You may use apps that generate security codes on your phone, too. But what happens if you lose your phone?

Google Chrome Say Websites Are “Not Secure”

Why Does Google Chrome Say Websites Are “Not Secure”? by howtogeek.com

Starting with Chrome 68, Google Chrome labels all non-HTTPS websites as “Not Secure.” Nothing else has changed—HTTP websites are just as secure as they’ve always been—but Google is giving the entire web a shove towards secure, encrypted connections.

In the future, Google even plans to remove the word “Secure” from the address bar. All websites should be secure by default, after all.

How to Make Your Phone’s Fingerprint Reader More Accurate

How to Make Your Phone’s Fingerprint Reader More Accurate by howtogeek.com

 

Fingerprint readers on phones have made devices more secure and faster to unlock, at least when they work on the first try. If you have trouble unlocking your phone quickly, there are things you can do to improve your device’s fingerprint reader.

Biometric identification on phones has come a long way over the last few years, with both Apple and Google building…

Your password has probably been stolen

Your password has probably been stolen. Here’s what to do about it. by washingtonpost.com

Pardon the interruption, but your passwords are leaking.

You’ve probably become numb to all the headlines about data breaches. But a website called Have I Been Pwned will expose the horror they’ve wreaked on you.

Type in your email address and Have I Been Pwned lists websites and apps on which your passwords have been compromised. (“Pwned,” pronounced like “owned,” is geek speak for conquered.) Try your family members’ emails and your favorite passwords, too. Australian security guru Troy Hunt spends…

Browsing the web in ‘incognito’ mode

There are a lot of misconceptions about browsing the web in 'incognito' mode, researchers say by cnbc.com

Browsing the web in incognito mode isn't as private as most people think.

Researchers with the University of Chicago and the Leibniz University of Hanover recently published the results of a study that included 450 participants. It found that many participants thought "incognito mode" or "private mode" in a web browser protected their online activity much more than it does.

Chrome Tech Support Scam

Watch Out for This Chrome Tech Support Scam by pcmag.com

Even seasoned tech professionals can't help but react badly when lots of big, red text appears on a computer screen proclaiming your machine has been compromised. They are almost always a scam, but unless you know what they look like it can be easy to fall for them. Now a Google Chrome bug has presented scammers with a new opportunity to scare users into paying them to fix a non-existent problem.

Celebrating 10 years of Password Security

Celebrating 10 years of Password Security

LastPass launched ten years ago and was founded on a mission to provide seamless password security for individuals and businesses alike.


Share LastPass with friends

Trouble convincing your friends and family to finally use a password manager? Check out our new infographic for 10 ways to convince your loved ones to take control of their cybersecurity with LastPass.

How to remove third-party access to your Gmail inbox w/ Google Security Checkup

How to remove third-party access to your Gmail inbox w/ Google Security Checkup by 9to5google.com

There’s been a lot of brouhaha this week about Gmail and the access that it’s giving third-party apps to your email. I already outlined exactly why this is not something to be particularly concerned about and how those headlines might be misleading to some. One of the key takeaways of my argument is that you still have control over your data and who gets to use it, so here’s how to do that…

Factor Authentication (and Sync Your Codes Between Devices)

Factor Authentication (and Sync Your Codes Between Devices) by howtogeek.com

Strong passwords are not enough anymore: we recommend using two-factor authentication whenever possible. Ideally, that means using an app that generates authentication codes on your phone or a physical hardware token. We prefer Authy when it comes to authentication apps—it’s compatible with all sites that use Google Authenticator, but is more powerful and convenient.

1 2 3 5
Tech News by Topic